Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free).

A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause denial of service conditions on the target system. A remote user can modify files on the target system. A remote user can bypass same-origin restrictions on the target system. A remote user can spoof the address bar. Network Security Services (NSS) is affected.